package com.likersai.opon.controller;

import com.likersai.opon.pojo.bo.ResponseBO;
import com.likersai.opon.pojo.vo.req.LoginReq;
import com.likersai.opon.pojo.vo.rsp.LoginRsp;
import com.likersai.opon.service.OponUserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;

/**
 * 用户权限接口
 *
 * @author sun.ye
 * @since 2021-02-22 14:21
 */
@Api(value = "用户权限", tags = "用户权限相关")
@RestController
@RequestMapping(value = "/auth")
public class AuthController {


    private final OponUserService oponUserService;

    public AuthController(OponUserService oponUserService) {
        this.oponUserService = oponUserService;
    }

    @ApiOperation(value = "登录接口", notes = "验证login和password并返回token")
    @PostMapping(value = "/login")
    public ResponseBO<LoginRsp> login(HttpServletRequest request, @RequestBody @Valid LoginReq req){
        LoginRsp res = oponUserService.login(req);
        saveToken(request,res);
        return ResponseBO.getSuccess(res);
    }

    private void saveToken(HttpServletRequest request, LoginRsp res){
        HttpSession session = request.getSession(true);
        session.setAttribute("token",res.getToken());
    }

}